[Yeti DNS Discuss] Authoritative for ARPA? (was: Strange BIND resolver behaviour (may be not Yeti-specific))

Shane Kerr shane at biigroup.cn
Wed Jul 15 07:58:42 UTC 2015


While I was looking at Stephane's discovery du jour, I noticed that some
Yeti servers are authoritative for arpa:

$ dig +noall +auth @2a02:2810:0:405::250 -t ds 204.in-addr.arpa. +norecurse
arpa.			172800	IN	NS	ns2.ipv6.ernet.in.
arpa.			172800	IN	NS	yeti-ns.wide.ad.jp.
arpa.			172800	IN	NS	bii.dns-lab.net.
arpa.			172800	IN	NS	ns-yeti.bondis.org.
arpa.			172800	IN	NS	yeti-ns.tisf.net.
arpa.			172800	IN	NS	dahu1.yeti.eu.org.
arpa.			172800	IN	NS	yeti-ns.ix.ru.
arpa.			172800	IN	NS	yeti-ns.as59715.net.

Some of the other servers do not seem to be:

$ dig +noall +auth @240c:f:1:22::6 -t ds 204.in-addr.arpa. +norecurse
in-addr.arpa.		172800	IN	NS	e.in-addr-servers.arpa.
in-addr.arpa.		172800	IN	NS	a.in-addr-servers.arpa.
in-addr.arpa.		172800	IN	NS	d.in-addr-servers.arpa.
in-addr.arpa.		172800	IN	NS	c.in-addr-servers.arpa.
in-addr.arpa.		172800	IN	NS	f.in-addr-servers.arpa.
in-addr.arpa.		172800	IN	NS	b.in-addr-servers.arpa.

Currently dahu1.yeti.eu.org, ns2.ipv6.ernet.in, and ns-yeti.bondis.org
answer ARPA, other servers do not.

My understanding is that the Yeti root servers are supposed to be
authoritative only for the root zone. Clearly there is confusion here.

So, I think that we have three tasks:

1. Decide what zones Yeti root servers should be authoritative for, and
2. Fix the documentation and configurations to implement this, and
3. Fix the existing servers to match this.



More information about the discuss mailing list